One of the most important features the modern Linux distributions have inherited from Unix is the powerful command line. However, using the command line can be a little difficult for all Linux users, not just for the beginners. Fortunately, many developers have created user-friendly front-ends applications to common command line applications. One of the many such applications is KGpg, a front-end to GPG, the GNU Privacy Guard. GPG has been created for the main reason of replacing PGP, a popular encryption program. Nowadays, GPG is a very popular component in a Linux system and it's used for verification by most utilities.

GPG has been developed to provide security for - among other things - email and it's best known as an implementation of public key cryptography. Basically, for each user, GPG provides two keys, a public and a private key. If one would like to send an encrypted email to another, he will encrypt the email using his private key and the other's public key, while the other person will be able to decrypt it using his private key and the sender's public key.

Another use of GPG, besides encrypting emails, is that of a way of digitally signing software packages, so the recipient can verify each program coming from the person who claims to be the author of it.

Most likely, KGpg is already installed on your computer. If not, it can easily be installed through the distribution's package manager. For example, if you use Fedora, open a terminal and type sudo yum install kgpg. For Ubuntu, replace yum with apt-get and so on. Once installed, you can start KGpg by clicking its shortcut found in KDE or Gnome main menu, under 'Utilities' or open a terminal and type kgpg. Once started, a system tray icon will appear. A left click will open the Key Manager window, while a right-click will open a menu allowing quick access to some important features.

Using KGpg. The first thing you need before using KGpg is a key. If you don't already have a key, it's likely that KGpg will automatically pop-up the key generation dialog at the first start-up. If the dialog doesn't open, you can access it in the Key Manager from Keys / Generate Key Pair. All you need to do is enter your name and email address in the appropriate fields and click OK. Keep in mind that clicking the 'Expert Mode' will open a terminal window running GPG. After clicking OK, you will be presented with a window containing signature's Key ID and Fingerprint. It's also possible to create a Revocation Certificate but this step is optional, as you can do it later by right-clicking a key and select Revoke Key. This is a safety measure, if your system is compromised, you can send this certificate to let people know your public key is void.

Encrypting Files. There are two ways to encrypt your data. First, using Symmetrical encryption, will only encrypt with a password. Anybody using a computer with gpg can decrypt your data if you give him the password. Second, using Key encryption requires a key pair (secret and public key) to be created first. Exchange your public key with your friends and colleagues. Then, if you want to send encrypted data to a colleague, you need to encrypt the message with your colleague's public key, while he will need his own secret key and passphrase to decrypt the data.

Encrypting data can be easily done through Konqueror, by right-clicking on the file you want to encrypt and choosing Actions / Encrypt file. You will be prompted with the Public key selection dialog, where you need to select the recipient's public key and click Encrypt. The encrypted file will be saved as .asc or .gpg extension, depending on the encryption type. A file can also be encrypted using Kgpg's window by dragging and dropping the file into KGpg's system tray icon.

Decrypting the data can be done through Konqueror as well, by right-clicking the file and choosing Open with KGpg. Alternatively, you can use KGpg's editor by selecting File / Decrypt File and choosing the encrypted file.

Encrypting Emails. With Kmail, decrypting emails is a built-in feature. First, edit your identity in Kmail and add the sign and encrypt keys. Before sending an email to a recipient, you first need to search the recipient's public key on one of the key servers and import it. While composing the message, don't forget to click on the Lock icon or go to Options menu and select Encrypt. The recipient will be asked for his passphrase to decrypt and show the email.

More popular than encryption is signing emails. This process is done almost the same as encrypting but it doesn't encrypt the text, it just signs the email to prove that it's coming from the right person.

The Good

With KGpg installed, you can increase security for your files and protect your privacy for emails a little easier as it's only a front-end to GPG, the GNU Privacy Guard, a command-line application.

The Bad

Even if it's a graphical application, where everything is documented and explained, KGpg is still a very hard to use application. If you're not a security addict or you don't really, really need this high level of security, it's not worth it to complicate your life using it.

The Truth

KGpg is a front-end to GPG, which makes it easier to use. However, if this high level of security isn't an absolute must for you, you shouldn't complicate your life using it.